Data brokers selling lists of rape victims, AIDS patients

Consumer data companies are selling lists of rape victims, seniors with dementia and even those suffering from HIV and AIDS to marketers, underscoring the need for tighter government regulations, a privacy group told Congress Wednesday.

The World Privacy Forum uncovered these lists, along with several others, while investigating how data brokers collect and sell consumer information. Marketers buy this data so they can target shoppers based on everything from their income to clothing size.

Other lists the nonprofit found included the home addresses of police officers, a mailing list for domestic violence shelters (which are typically kept secret by law) and a list of people with addictive behaviors towards drug and alcohol.

The mere existence of these lists highlights the need for increased government regulations, said World Privacy Forum executive director Pam Dixon.

"This is where I urge Congress to take action," she said Wednesday at aSenate committee hearing. "Highly sensitive data are the frayed and ugly ends of the bell curve of lists, far from the center. This is where lawmakers can work to remove unsafe, unfair and overall just deplorable lists from circulation."

Currently, data brokers are required by federal law to maintain the privacy of a consumer's data only if it is used for credit, employment, insurance or housing. And while medical privacy laws prohibit doctors from sharing patient information, medical information that data brokers get elsewhere, such as from the purchase of over-the-counter drugs and otherhealth care items, is fair game.

In some cases, such lists could put people in harm's way. The list of more than 30,000 police officers' home addresses, for example, could put the lives of the officers and their families in danger, said Dixon. Meanwhile, a list of seniors suffering from dementia could open them up to predatory financial offers.

Linda Woolley, president of the Direct Marketing Association, said in a statement that such lists represent a "tiny minority" of marketingproducts.

"We recognize that there are situations in which lists are being used to disparage certain groups," she said. "That is not something that DMA supports."

This data company knows all about you

She added that some names of lists may be misleading as to the information it contains and that most lists typically focus on a person's likely interests, such as whether someone is a "sports enthusiast" or "avid traveler."

Some data brokers offer ways to opt out, but many have unclear opt-out procedures or none at all. Plus, most consumers have no idea they're on the lists in the first place, said Dixon.

Wednesday's hearing came after a year-long Senate committee investigation into the $156 billion data brokerage industry. The Federal Trade Commission has also called on major data brokers to increase transparency into their data practices.

Committee chairman John "Jay" Rockefeller criticized several of the country's largest data brokers for resisting the oversight and said he would continue to push for information on how they get data and who they sell it to.

In his closing remarks, the senator said he was "revolted" by the lists Dixon had revealed and said the commission would continue to explore the issue.

"I think it's our job as government to... bring into sunlight what is going on," he said. "I think its serious, and I think it's a dark underside of American life, in which people make a lot of money and cause people to suffer even more."